robinv Posted July 3, 2013 ID:698503 Share Posted July 3, 2013 Hi,I'm embarrassed to ask as this should be an easy one and part of my job is removing virus' from people's computers but I can't seem to kick this one.It's a regular google link hijack that only happens in Firefox when I start a new google search in a new window or sometimes tab. It redirects to another sponsored search of some kind - usually benign and simply annoying rather than dangerous - but of course you don't know what else is going on. All Malwarebytes scans come up clean, as so Windows Defender and Hitman Pro. I have a full copy of Malware bytes. here's the logs and thanks for any help: DDS:DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2Run by Robin at 22:07:22 on 2013-07-03Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.44.2057.18.16331.10818 [GMT 1:00].AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\dwm.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exeC:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exeC:\Windows\system32\dashost.exeC:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Windows\system32\IProsetMonitor.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exeC:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exeC:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\taskhostex.exeC:\Windows\Explorer.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\rundll32.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\System32\mobsync.exeC:\Program Files\Common Files\microsoft shared\ink\TabTip.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exeC:\Windows\System32\RuntimeBroker.exeC:\Program Files (x86)\Pidgin\pidgin.exeC:\Users\Robin\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exeC:\Program Files (x86)\nerds.de\LoopBe2\loough.exeC:\Program Files (x86)\Windows Live\Mail\wlmail.exeC:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Users\Robin\AppData\Roaming\Copy\CopyAgent.exeC:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXEC:\PROGRA~2\Intuit\QUICKB~2\QBDBMgr.exeC:\Program Files (x86)\Common Files\Intuit\QuickBooks\axlbridge.exeC:\Windows\splwow64.exeC:\Program Files (x86)\Steam\Steam.exeC:\Program Files (x86)\Common Files\Steam\SteamService.exeC:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exeC:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exeC:\Program Files (x86)\TeamViewer\Version8\tv_w32.exeC:\Program Files (x86)\TeamViewer\Version8\tv_x64.exeC:\PROGRA~2\Intuit\QUICKB~2\dbextclr11.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\wwahost.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\wwahost.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dlluRun: [AdobeBridge] <no file>mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbyloginmRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startupmRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"dRun: [Copy] "C:\Users\Robin\AppData\Roaming\Copy\CopyAgent.exe"StartupFolder: C:\Users\Robin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\CODEME~1.LNK - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\LOOPBE~1.LNK - C:\Program Files (x86)\nerds.de\LoopBe2\loough.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUICKB~2.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXEmPolicies-System: PromptOnSecureDesktop = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dllTCP: NameServer = 192.168.0.1TCP: Interfaces\{4B1870CC-4438-44F5-AC05-7B76DFBE8295} : DHCPNameServer = 192.168.0.1TCP: Interfaces\{DC7A1243-58A3-4ACA-B15C-681C0F1FA88E} : DHCPNameServer = 192.168.0.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dllHandler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLLHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll, C:\Windows\SysWOW64\nvinit.dllSSODL: WebCheck - <orphaned>mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettingsx64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLLx64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -sx64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2Px64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchx64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGamingx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-mPolicies-System: PromptOnSecureDesktop = dword:0x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - <orphaned>x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dllx64-SSODL: WebCheck - <orphaned>Hosts: 184.107.188.204 smithsonmartin.com.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\hpnratv8.default-1357556451162\FF - prefs.js: network.proxy.type - 0FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dllFF - plugin: C:\Users\Robin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dllFF - plugin: C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll.============= SERVICES / DRIVERS ===============.R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-1 645952]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2012-11-13 56336]R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-11-1 920736]R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-11-1 951936]R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-7-6 2304912]R2 DigiNet;Digidesign Ethernet Support;C:\Windows\System32\Drivers\diginet.sys [2012-12-18 23976]R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-11-1 233328]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-1 7168]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-6-5 190824]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-1 166720]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-27 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-27 701512]R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-11-9 6370680]R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-1-30 1900728]R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-5-18 2938880]R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-4 4150112]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-1 365376]R3 bomebus;Bome's Virtual MIDI Port Bus Service;C:\Windows\System32\Drivers\bomebus.sys [2013-1-10 34376]R3 bomemidi;Bome's Virtual MIDI Port;C:\Windows\System32\Drivers\bomemidi.sys [2013-1-10 30792]R3 debutfilter;Debut Filter Driver v6.10.01;C:\Windows\System32\Drivers\debutfilterx64.sys [2012-11-8 32024]R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\Drivers\LEqdUsb.sys [2012-9-18 78648]R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\Drivers\LHidEqd.sys [2012-9-18 15160]R3 LoopBe30;nerds.de LoopBe30 - Internal Midi Port SvcDesc(WDM);C:\Windows\System32\Drivers\loopbe30.sys [2011-2-26 16896]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2012-12-27 25928]R3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2012-12-3 23552]R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]R3 ysusb64;Yamaha Steinberg USB Audio;C:\Windows\System32\Drivers\ysusb64.sys [2013-1-29 113960]S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]S3 gbxavs;Maschine Midi;C:\Windows\System32\Drivers\gbxavs.sys [2011-7-7 357968]S3 gbxusb_svc;Maschine Controller;C:\Windows\System32\Drivers\gbxusb.sys [2011-7-7 68688]S3 iLokDrvr;Usb Driver;C:\Windows\System32\Drivers\iLokDrvr.sys [2012-5-16 25752]S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]S3 MFWAMIDI64;MOTU Audio MIDI for 64 bit;C:\Windows\System32\Drivers\mfwamidi64.sys [2012-9-6 32408]S3 MFWAWAVE64;MOTU Audio Wave for 64 bit;C:\Windows\System32\Drivers\mfwawave64.sys [2012-9-6 82584]S3 MotuFWA64;MotuFWA64;C:\Windows\System32\Drivers\MotuFWA64.sys [2012-9-6 609944]S3 rspLLL;rspLLL;C:\Windows\System32\Drivers\rspLLL64.sys [2013-6-4 23968]S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 synusb64;eLicenser;C:\Windows\System32\Drivers\synusb64.sys [2012-11-1 30352]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-9-28 53760]S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248].=============== File Associations ===============.FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-07-03 10:33:55 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E40D2F26-F082-4733-A9DE-83D7BC0CD5AC}\mpengine.dll2013-07-03 09:40:28 9552976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll2013-07-03 09:21:53 -------- d---a-w- C:\.Trash-9992013-06-28 02:41:51 243888 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10208.bin2013-06-26 20:19:56 -------- d-----w- C:\Program Files\Common Files\Intuit2013-06-25 10:34:53 -------- d-----w- C:\ProgramData\Codemasters2013-06-24 19:21:47 -------- d-----w- C:\Program Files (x86)\Infogrames2013-06-24 19:19:09 692224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll2013-06-24 19:19:09 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll2013-06-24 19:19:09 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe2013-06-24 19:19:09 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll2013-06-24 19:19:09 155648 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll2013-06-24 19:19:01 163972 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll2013-06-24 19:19:00 282756 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll2013-06-24 18:41:10 315904 ----a-w- C:\Windows\IsUninst.exe2013-06-24 17:47:13 2829 ----a-w- C:\Windows\War3Unin.pif2013-06-24 17:47:13 126976 ----a-w- C:\Windows\War3Unin.exe2013-06-23 10:58:06 -------- d-----w- C:\Users\Robin\AppData\Roaming\Open DVD Ripper2013-06-17 14:14:20 1300992 ----a-w- C:\Windows\System32\gdi32.dll2013-06-17 14:14:20 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-06-17 14:13:49 888320 ----a-w- C:\Windows\System32\autochk.exe2013-06-17 14:13:49 793088 ----a-w- C:\Windows\SysWow64\autochk.exe2013-06-17 14:13:49 542208 ----a-w- C:\Windows\System32\untfs.dll2013-06-17 14:13:49 482816 ----a-w- C:\Windows\SysWow64\untfs.dll2013-06-13 08:30:04 17271808 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll2013-06-13 08:30:04 16642560 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll2013-06-11 10:33:15 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin2013-06-11 10:33:03 -------- d-----w- C:\Users\Robin\AppData\Roaming\Copy2013-06-04 10:37:22 23968 ----a-w- C:\Windows\System32\drivers\rspLLL64.sys2013-06-04 10:37:22 -------- d-----w- C:\Program Files\LatencyMon.==================== Find3M ====================.2013-06-17 13:50:19 223 ---ha-w- C:\Windows\samborombon.dll2013-06-04 22:09:22 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-06-04 22:09:22 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-05-04 07:58:17 120736 ----a-w- C:\Windows\System32\AuthHost.exe2013-05-04 07:45:29 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS2013-05-04 07:34:17 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll2013-05-04 06:57:31 820736 ----a-w- C:\Windows\System32\gpprefcl.dll2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll2013-05-04 04:56:35 582144 ----a-w- C:\Windows\SysWow64\gpprefcl.dll2013-05-04 04:56:14 449536 ----a-w- C:\Windows\SysWow64\DevicePairing.dll2013-05-04 04:56:06 92160 ----a-w- C:\Windows\SysWow64\biwinrt.dll2013-05-04 04:56:05 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll2013-05-04 04:56:05 2035712 ----a-w- C:\Windows\SysWow64\authui.dll2013-05-04 04:55:58 389632 ----a-w- C:\Windows\SysWow64\intl.cpl2013-05-04 04:51:38 14848 ----a-w- C:\Windows\System32\rars.rs2013-05-04 04:48:33 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys2013-05-04 04:48:26 27648 ----a-w- C:\Windows\System32\drivers\hidusb.sys2013-05-04 04:47:02 427520 ----a-w- C:\Windows\System32\drivers\rdbss.sys2013-05-04 04:10:47 14848 ----a-w- C:\Windows\SysWow64\rars.rs2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-05-01 02:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx2013-05-01 02:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts2013-04-28 22:30:55 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-04-28 22:30:12 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-04-28 22:28:33 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-04-28 22:28:29 915968 ----a-w- C:\Windows\System32\uxtheme.dll2013-04-28 22:28:00 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-04-27 05:20:12 733184 ----a-w- C:\Windows\System32\win32spl.dll2013-04-23 23:13:53 1013248 ----a-w- C:\Windows\SysWow64\certutil.exe2013-04-23 23:12:44 1569792 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-04-23 23:12:44 109056 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-04-23 22:56:35 1255936 ----a-w- C:\Windows\System32\certutil.exe2013-04-23 22:55:48 68096 ----a-w- C:\Windows\System32\cryptsvc.dll2013-04-23 22:55:48 1889280 ----a-w- C:\Windows\System32\crypt32.dll2013-04-23 22:55:48 141312 ----a-w- C:\Windows\System32\cryptnet.dll2013-04-16 02:34:44 1455368 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-04-13 12:56:32 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-04-13 12:56:32 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-04-13 05:56:35 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll2013-04-11 06:40:48 6987528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-04-09 05:33:02 489576 ----a-w- C:\Windows\System32\AudioEng.dll2013-04-09 05:33:02 446792 ----a-w- C:\Windows\System32\AudioSes.dll2013-04-09 05:33:02 253544 ----a-w- C:\Windows\System32\audiodg.exe2013-04-09 05:20:02 86280 ----a-w- C:\Windows\System32\kdnet.dll2013-04-09 05:20:02 306952 ----a-w- C:\Windows\System32\kd_02_10ec.dll2013-04-09 05:18:05 77960 ----a-w- C:\Windows\System32\kdvm.dll2013-04-09 05:17:57 1829408 ----a-w- C:\Windows\System32\ntdll.dll2013-04-09 04:52:07 816128 ----a-w- C:\Windows\System32\SearchIndexer.exe2013-04-09 04:52:07 373760 ----a-w- C:\Windows\System32\SearchProtocolHost.exe2013-04-09 04:52:07 197120 ----a-w- C:\Windows\System32\SearchFilterHost.exe2013-04-09 04:52:07 126464 ----a-w- C:\Windows\System32\Robocopy.exe2013-04-09 04:52:06 804352 ----a-w- C:\Windows\System32\RecoveryDrive.exe2013-04-09 04:51:51 367616 ----a-w- C:\Windows\System32\conhost.exe2013-04-09 04:51:45 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll2013-04-09 04:51:41 99840 ----a-w- C:\Windows\System32\wscsvc.dll.============= FINISH: 22:07:30.63 =============== Attach:.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 8 Pro with Media CenterBoot Device: \Device\HarddiskVolume1Install Date: 01/11/2012 10:54:51System Uptime: 03/07/2013 10:40:17 (12 hours ago).Motherboard: ASUSTeK COMPUTER INC. | | P8Z77-VProcessor: Intel® Core i7-3770K CPU @ 3.50GHz | LGA1155 | 3501/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 223 GiB total, 20.98 GiB free.D: is FIXED (NTFS) - 1863 GiB total, 1417.853 GiB free.E: is FIXED (NTFS) - 1863 GiB total, 1572.628 GiB free.F: is FIXED (NTFS) - 932 GiB total, 445.823 GiB free.G: is CDROM ()I: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP48: 24/06/2013 20:21:37 - Installed Enter The MatrixRP49: 03/07/2013 11:27:58 - Installed DirectX.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Ableton Live 9 SuiteAdobe Acrobat X Pro - English, Français, DeutschAdobe AIRAdobe Creative Suite 6 Master CollectionAdobe Download AssistantAdobe Flash Player 11 PluginAdobe Help ManagerAdobe Reader XIAdobe Widget BrowserAdobe® Content ViewerAmazon MP3 Downloader 1.0.18Analog Laboratory v1_5_2Apple Application SupportApple Mobile Device SupportApple Software UpdateARP2600 V2 2.5.3Artisteer 4Assassin's Creed® III v1.03Authorizer 1.0.5Authorizer 2.0Authorizer Ignition Key SupportAvid EffectsAvid HD Driver (x64)Avid Pro ToolsAvid Virtual InstrumentsblBome's Virtual MIDI Port 1.0.0.11BonjourBorderlands 2Canon MG6100 series MP DriversCopyCS-80V2 2.5.3D3DX10Debut Video Capture SoftwareDecimort 1.3.1 (64bit)DEFCONDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDevastor 1.3.1 (64bit)Dimension Pro 1.5Dimension Pro Free Expansion Packs 1-3Drumazon 1.5.1 (64bit)DVD-Cloner V10.00 Build 1202DVD Architect Pro 5.2eLicenser ControlEmulator 1.4.4Emulator 1.4.6Emulator Modular 1.3eRegFar Cry 3Fazortan 1.3.1 (64bit)FL Studio 11FlowStone FL 3.0IL Download ManagerIL Shared LibrariesIntel® Management Engine ComponentsIntel® Network Connections 17.2.153.0Intel® Processor GraphicsIntel® Rapid Storage TechnologyIntel® SDK for OpenCL - CPU Only Runtime PackageIntel® Trusted Connect Service ClientiTunesJava 7 Update 21Java Auto UpdaterJunk Mail filter updateJupiter-8V2 2.5.3LatencyMon 5.00License SupportLine 6 UninstallerLivid CellLogitech SetPoint 6.51LoopBe2 - Internal MIDI PortsLuSH-101 1.0.0 (64bit)Magic Bullet Suite 64-bitMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 1.1Microsoft Application Error ReportingMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Home and Student 2010Microsoft Office Home and Student 2013 - en-usMicrosoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106Microsoft Visual Studio 2010 Tools for Office Runtime (x64)Microsoft_VC80_CRT_x86Microsoft_VC90_CRT_x86Microsoft_VC90_MFC_x86Microsoft_VC90_MFCLOC_x86MIDI-OXMini V 2.5.4Modular V 2.6.3Movie MakerMozilla Firefox 20.0.1 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT RedistsMSVCRT_amd64MSVCRT110MSVCRT110_amd64MSXML 4.0 SP2 Parser and SDKNative Instruments Abbey Road 60s DrumsNative Instruments Abbey Road 60s Drums VintageNative Instruments Abbey Road 70s DrumsNative Instruments Abbey Road 80s DrumsNative Instruments Abbey Road Modern DrumsNative Instruments Absynth 5Native Instruments Alicias KeysNative Instruments Balinese GamelanNative Instruments Battery 3Native Instruments Battery Library Importer for MaschineNative Instruments Berlin Concert GrandNative Instruments Controller EditorNative Instruments Evolve MutationsNative Instruments Evolve Mutations 2Native Instruments FM8Native Instruments George Duke Soul TreasuresNative Instruments Guitar Rig 5Native Instruments Guitar Rig Elements for MaschineNative Instruments Guitar Rig Mobile I/ONative Instruments Guitar Rig Pro Library for MaschineNative Instruments Guitar Rig Session I/ONative Instruments Komplete 8 UltimateNative Instruments Komplete Elements Mk2Native Instruments Kontakt 5Native Instruments Kontakt Elements Selection R2Native Instruments Kontakt Factory LibraryNative Instruments MaschineNative Instruments Maschine ControllerNative Instruments Maschine Controller DriverNative Instruments Maschine Drum SelectionNative Instruments MassiveNative Instruments New York Concert GrandNative Instruments RammfireNative Instruments RazorNative Instruments Reaktor 5Native Instruments Reaktor Elements SelectionNative Instruments Reaktor PrismNative Instruments Reaktor Spark R2Native Instruments ReflektorNative Instruments Rig Kontrol 3Native Instruments Scarbee Funk GuitaristNative Instruments Scarbee Jay-BassNative Instruments Scarbee MM-BassNative Instruments Scarbee MM-Bass AmpedNative Instruments Scarbee Pre-BassNative Instruments Scarbee Pre-Bass AmpedNative Instruments Scarbee Vintage KeysNative Instruments Service CenterNative Instruments Session Strings ProNative Instruments Studio DrummerNative Instruments The Finger R2Native Instruments The MouthNative Instruments Traktors 12Native Instruments Transient MasterNative Instruments Upright PianoNative Instruments VC 160Native Instruments VC 2ANative Instruments VC 76Native Instruments Vienna Concert GrandNative Instruments Vintage OrgansNative Instruments West AfricaNepheton 1.5.1 (64bit)Nithonat 1.5.1 (64bit)NVIDIA 3D Vision Driver 311.06NVIDIA Control Panel 311.06NVIDIA Graphics Driver 311.06NVIDIA Install ApplicationNVIDIA Stereoscopic 3D DriverNVIDIA Update 1.11.3NVIDIA Update ComponentsOberheim SEM V 1.1.2Office 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentOpen DVD Ripper 3.40 Build 508PDF Settings CS6phPhoscyon 1.9.0 (64bit)Photo CommonPhoto GalleryPicasa 3PidginPrimoPDF -- brought to you by Nitro PDF SoftwarePrism Video File ConverterProphet-V2 2.5.3PunkBuster ServicesQuickBooksQuickBooks Premier Edition 2008QuickBooks Premier Edition 2013QuickTimeRapture 1.2.2Realtek High Definition Audio DriverReason 6.0Reason 6.5.1Redoptor 1.3.1 (64bit)Resolume Avenue 4.1.3SeaTools for WindowsSecurity Update for Microsoft Excel 2010 (KB2597126) 32-Bit EditionSecurity Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687501) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft OneNote 2010 (KB2760600) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSecurity Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760410) 32-Bit EditionSibelius Scorch (Firefox, Opera, Netscape only)SONAR X2 Producer x64Sony Sound Forge 8.0dSpark Vintage Drum Machines 1.0.2SpotifyStageLight version 1.0 (3456)SteamSteinberg Cubase 6 64bitSteinberg Cubase 7Steinberg Cubase 7 64bitSteinberg Dark Planet 64bitSteinberg Drum Loop Expansion 01Steinberg Eucon Adapter 6.5Steinberg Eucon Adapter 6.5 64bitSteinberg Groove Agent ONE Allen Morgan Signature DrumsSteinberg Groove Agent ONE ContentSteinberg Groove Agent ONE Vintage BeatboxesSteinberg HALion Sonic SESteinberg HALion Sonic SE 64bitSteinberg HALion Sonic SE ContentSteinberg HALionOne 64bitSteinberg HALionOne Expression SetSteinberg HALionOne GM Drum SetSteinberg HALionOne GM SetSteinberg HALionOne Pro SetSteinberg HALionOne Studio Drum SetSteinberg HALionOne Studio SetSteinberg Hypnotic Dance 64bitSteinberg Instrument Set Dark PlanetSteinberg Instrument Set Hypnotic DanceSteinberg Instrument Set TriebwerkSteinberg Instrument Set Zero GravitySteinberg LoopMash ContentSteinberg LoopMash Content 2Steinberg Midi Loop LibrarySteinberg PadshopSteinberg Padshop 64bitSteinberg RetrologueSteinberg Retrologue 64bitSteinberg REVerence Content 01Steinberg Triebwerk 64bitSteinberg Upload ManagerSteinberg UR28M ApplicationsSteinberg VST Amp Rack Content 01SupportSoft Assisted ServiceSyntorus 1.3.1 (64bit)TeamViewer 8Toraverb 1.3.1 (64bit)TouchOSC Bridge version 1.0.1Unity Web PlayerUpdate for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553378) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687509) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2597090) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2598240) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUplayVegas Pro 11.0 (64-bit)Vegas Pro 12.0 (64-bit)Visual C++ 64-bit RedistributablesVisual C++ RedistributablesVisual Studio Tools for the Office system 3.0 RuntimeVisual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)Warcraft IIIWindows Live Communications PlatformWindows Live EssentialsWindows Live InstallerWindows Live MailWindows Live MIME IFilterWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWurlitzer V 1.0.2Yamaha Steinberg USB Driver.==== Event Viewer Messages From Past Week ========.03/07/2013 11:27:20, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.03/07/2013 11:27:20, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.03/07/2013 10:42:43, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: The password for this account has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).03/07/2013 10:42:43, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a log-on failure.02/07/2013 09:39:46, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xfffffa80179da490, 0x0000007bb4f5000c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070213-12187-01..==== End Of File =========================== Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 4, 2013 Root Admin ID:698546 Share Posted July 4, 2013 Hello and Please run the following scans and post back the logs and we'll see about getting the box cleaned up. STEP 01Backup the Registry:Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.Please download ERUNT from one of the following links: Link1 | Link2 | Link3 ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed. Double click on erunt-setup.exe to Install ERUNT by following the prompts. Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process. Choose a location for the backup.Note: the default location is C:\Windows\ERDNT which is acceptable. [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder.Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exeSTEP 02Please download Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location. Open the folder where the contents were unzipped and run mbar.exe Follow the instructions in the wizard to update and allow the program to scan your computer for threats. Click on the Cleanup button to remove any threats and reboot if prompted to do so. Wait while the system shuts down and the cleanup process is performed. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process. When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txtSTEP 03Please download Junkware Removal Tool to your desktop.Shutdown your antivirus to avoid any conflicts. Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP. The tool will open and start scanning your system. Please be patient as this can take a while to complete. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next reply message When completed make sure to re-enable your antivirusSTEP 04Please download AdwCleaner by Xplode to your desktop.Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. If prompted by the User Account Control click Yes to allow it to run. Under Actions click on the Delete button. Click OK on all prompts. You will be prompted to restart your computer. A text file will open after the restart. Please post the entire contents of that logfile to your next reply. You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.STEP 05Please go here to run the online antivirus scannner from ESET.Turn off the real time scanner of any existing antivirus program while performing the online scan Tick the box next to YES, I accept the Terms of Use. Click Start When asked, allow the activex control to install Click Start Make sure that the option Remove found threats is unticked Click on Advanced Settings and ensure these options are ticked:Scan for potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth Technology [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic. Thanks Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 7, 2013 Root Admin ID:699717 Share Posted July 7, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 8, 2013 Root Admin ID:700063 Share Posted July 8, 2013 topic reopened per user request Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 21, 2013 Root Admin ID:718098 Share Posted August 21, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts